package com.security.utils;

import com.security.entity.User;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class JwtUtils {
    public static final String TOKEN_HEADER = "Authorization";
    public static final String TOKEN_PREFIX = "Bearer ";

    public static final String SUBJECT = "cong";

    public static final long EXPIRATION = 1000 * 24 * 60 * 60 * 7;

    public static final String APP_SECRET_KEY = "cong_secret";

    public static final String ROLE_CLAIMS = "rol";

    /**
     *
     * @param user User
     * @return token
     */
    public static String generateJsonWebToken(User user){
        if (user.getId() == null || user.getUsername() == null){
            return null;
        }

        Map<String, Object> map = new HashMap<>();
        map.put(ROLE_CLAIMS, "rol");

        return Jwts
                .builder()
                .setClaims(map)
                .claim("id", user.getId())
                .claim("name", user.getUsername())
                .setIssuedAt(new Date())
                .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION))
                .signWith(SignatureAlgorithm.ES256, APP_SECRET_KEY).compact();
    }

    /**
     *
     * @param username --username
     * @param role --权限
     * @return token
     */
    public static String createToken(String username, String role){
        Map<String, Object> map = new ConcurrentHashMap<>(10);
        map.put(ROLE_CLAIMS, role);

        return Jwts
                .builder()
                .setSubject(username)
                .setClaims(map)
                .claim("username", username)
                .setIssuedAt(   new Date())
                .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION))
                .signWith(SignatureAlgorithm.ES256, APP_SECRET_KEY).compact();
    }

    /**
     * 验证jwt
     * @param token --token
     * @return user info
     */
    public static Claims checkJWT(String token){
        try {
            return Jwts.parser().setSigningKey(APP_SECRET_KEY)
                    .parseClaimsJws(token)
                    .getBody();
        } catch (Exception e){
            e.printStackTrace();
            return  null;
        }
    }

    /**
     * 获取username
     * @param token --token
     * @return username
     */
    public static String getUsername(String token){
        Claims claims = Jwts.parser().setSigningKey(APP_SECRET_KEY).parseClaimsJws(token).getBody();
        return claims.get("username").toString();
    }

    public static boolean isExpiration(String token){
        Claims claims = Jwts.parser().setSigningKey(APP_SECRET_KEY).parseClaimsJws(token).getBody();
        return claims.getExpiration().before(new Date());
    }

    /**
     * 获取用户角色
     * @param token --token
     * @return user_role
     */
    public static String getUserRole(String token){
        Claims claims = Jwts.parser().setSigningKey(APP_SECRET_KEY).parseClaimsJws(token).getBody();
        return claims.get("rol").toString();
    }
}
